Today’s security landscape is defined by immediate and severe threats, led by an actively exploited zero-day vulnerability in Cisco IOS and IOS XE software. We are also tracking critical firmware flaws in Supermicro servers that allow for persistent, unremovable malware. Furthermore, a detailed report from Google reveals the BRICKSTORM backdoor, a stealthy tool used in a long-running espionage campaign against U.S. technology and legal firms. These incidents demand immediate attention and remediation from security teams.
Top 5 Critical Security Alerts
- Cisco warns of IOS zero-day vulnerability exploited in attacks: A high-severity zero-day vulnerability in Cisco IOS and IOS XE Software is being actively exploited, requiring immediate patching.
- Supermicro server motherboards can be infected with unremovable malware: Newly disclosed vulnerabilities in Supermicro’s Baseboard Management Controller (BMC) firmware allow attackers to install persistent, unremovable malware.
- Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors: Google and Mandiant detail the BRICKSTORM backdoor, a sophisticated tool used by a suspected China-nexus group for long-term, stealthy espionage against US organizations.
- CISA: Attackers Breach Federal Agency via Critical GeoServer Flaw: CISA confirmed that threat actors successfully breached a federal civilian agency by exploiting a critical vulnerability in the GeoServer open-source server.
- Unpatched flaw in OnePlus phones lets rogue apps read text messages: A significant, unpatched vulnerability in multiple versions of OnePlus OxygenOS allows any installed application to access SMS data without requiring permissions.
Threat Intelligence (APT, malware, ransomware)
- Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms: U.S. prosecutors have charged two alleged core members of the prolific Scattered Spider cybercrime group, connecting them to over $115 million in ransom extortions.
- Obscura, an obscure new ransomware variant: Security researchers have discovered Obscura, a previously unseen ransomware variant that was observed spreading from a victim’s domain controller.
Security Breaches & Incidents
- UK arrests man linked to ransomware attack that caused airport disruptions across Europe: The UK’s National Crime Agency has arrested a suspect believed to be connected to the ransomware attack on Collins Aerospace that led to major flight disruptions.
- PyPI urges users to reset credentials after new phishing attacks: The Python Software Foundation is warning developers of a new phishing campaign targeting Python Package Index (PyPI) credentials with a fake login page.
- GitHub notifications abused to impersonate Y Combinator for crypto theft: A large-scale phishing campaign is exploiting GitHub notifications to impersonate Y Combinator, aiming to trick users into installing cryptocurrency-draining malware.
Security Tools & Best Practices
- Kali Linux 2025.3 released with 10 new tools, wifi enhancements: The latest version of the penetration testing distribution, Kali Linux 2025.3, has been released with ten new tools and various system improvements.
- What happens when you engage Cisco Talos Incident Response?: Cisco Talos provides an inside look at its incident response process, explaining how its team helps organizations mitigate threats and recover from cyberattacks.
Cloud & Network Security
- New Supermicro BMC flaws can create persistent backdoors: Two new vulnerabilities in Supermicro’s Baseboard Management Controller (BMC) firmware can be exploited by attackers to flash malicious images and create persistent backdoors.
Security Standards & Frameworks (NIST, MITRE ATT&CK, CIS)
- Senators introduce bill directing FTC to establish standards for protecting consumers’ neural data: A new bill has been introduced in the U.S. Senate that would empower the FTC to create privacy standards to protect consumers’ neural (brain) data.
Emerging Security Technologies (AI, XDR, CNAPP)
- AI vs. AI: Detecting an AI-obfuscated phishing campaign: Microsoft Threat Intelligence details how it detected and blocked a sophisticated phishing campaign that used AI-generated code to hide its malicious payload.
- Neon, the No. 2 social app on the Apple App Store, pays users to record their phone calls and sells data to AI firms: A popular call recording app is raising privacy alarms by paying users for their voice data from phone calls, which is then sold to AI development firms.
- OpenAI is testing a new GPT-5-based AI agent “GPT-Alpha”: Reports indicate OpenAI is internally testing a powerful new AI agent based on a specialized version of its next-generation GPT-5 model, codenamed “GPT-Alpha.”
